The Windows July 2023 security updates are here and they patch critical issues

Martin Brinkmann
Jul 11, 2023
Updated • Jul 12, 2023
Windows Updates
|
12

Microsoft released security updates for client and server versions of its Windows operating system today. The security updates address vulnerabilities in all supported versions of Windows and are available via Windows Update and other update management systems.

Our overview of the Microsoft Windows July 2023 Patch Day helps home users and administrators navigate the releases easily. It includes links to all released updates and support pages, download options, a list of known issues for each client version of Windows, and much more.

Microsoft revealed in one of the released advisories that "drivers certified by Microsoft’s Windows Hardware Developer Program were being used maliciously in post-exploitation activity".

Click here to open last month's Windows Patch Day overview.

Microsoft Windows Security Updates: July 2023

You can download the following Excel spreadsheet. It lists the released security updates of the May 2023 Microsoft Patch Day. Click on the following link to download it: windows-security-updates-july-2023

Executive Summary

  • The July 2023 release consists of a total of 130 CVEs and 2 advisories.
  • Affected products include all supported versions of Windows as well as Microsoft Office, Windows Remote Desktop, Microsoft Power Apps, Windows SmartScreen and other company products.
  • The following Windows client version have known issues: Windows 10 version 1809, Windows 10 version 21H2 and 22H2, Windows 11 version 21H2 and 22H2
  • The following Windows server versions have known issues: Windows Server 2008, Windows Server 2008 R2, Windows Server 2019 and 2022.
  • Microsoft has renamed Azure AD to Microsoft Entra ID.

Operating System Distribution

The critical vulnerabilities are linked below only.

  • Windows 10 version 21H2: 82 vulnerabilities, 6 critical and 76 important.
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35366
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35365
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35367
    • Microsoft Message Queuing Remote Code Execution Vulnerability -- CVE-2023-32057
    • Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability -- CVE-2023-35315
    • Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-35297
  • Windows 10 version 22H2: 82 vulnerabilities, 6 critical and 76 important.
    • same as Windows 10 version 21H2
  • Windows 11 version 21H2:  85 vulnerabilities, 6 critical and 79 important
    • same as Windows 10 version 21H2
  • Windows 11 version 22H2:  84 vulnerabilities, 6 critical and 78 important
    • same as Windows 10 version 21H2

Windows Server products

  • Windows Server 2008 R2 (extended support only): 55 vulnerabilities: 5 critical and 50 important
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35366
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35367
    • Microsoft Message Queuing Remote Code Execution Vulnerability -- CVE-2023-32057
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35365
    • Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-35297
  • Windows Server 2012 R2: 71 vulnerabilities: 6 critical and 65 important
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35366
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35367
    • Microsoft Message Queuing Remote Code Execution Vulnerability -- CVE-2023-32057
    • Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability -- CVE-2023-35365
    • Windows Remote Desktop Security Feature Bypass Vulnerability -- CVE-2023-35352
    • Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-35297
  • Windows Server 2016: 87 vulnerabilities: 6 critical and 81 important.
    • same as Windows Server 2012 R2.
  • Windows Server 2019: 96 vulnerabilities: 7 critical and 90 important.
    • same as Windows Server 2012 R2, plus
    • Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability -- CVE-2023-35315
  •  Windows Server 2022:  100 vulnerabilities: 7 critical and 93 important.
    • same as Windows Server 2019.

Windows Security Updates

Windows 10 version 21H2 and 22H2

Updates and improvements:

Windows 11 Release version 

Updates and improvements:

Windows 11 version 22H2  

Updates and improvements:

Other security updates

2023-07 Cumulative Update for Windows 10 Version 1507 (KB5028186)

Server updates

2023-07 Cumulative Security Update for Internet Explorer for Windows Embedded 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, Windows Server 2012, Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5028167)

2023-07 Cumulative Update for Microsoft Server operating system version 21H2 for x64-based System (KB5028171)

2023-07 Security Monthly Quality Rollup for Windows Server 2008 (KB5028222)

2023-07 Security Only Quality Update for Windows Server 2008 (KB5028226)

2023-07 Security Only Quality Update for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028223)

2023-07 Security Monthly Quality Rollup for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028228)

2023-07 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028224)

2023-07 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028240)

2023-07 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5028232)

2023-07 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5028233)

2023-07 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5028168)

2023-07 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5028169)

2023-07 Servicing Stack Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028264)

Known Issues

Windows 10 versions 21H2 and 22H2

  • (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.

Windows 11 version 21H2

  • (Old) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
    • Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.

Windows 11 version 22H2

  • (New, again) Device with Windows installations created from custom offline media or custom ISO images may have Microsoft Edge Legacy removed and not replaced by Microsoft Edge (Chromium)
  • (Fixed) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
    • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.

Security advisories and updates

  • ADV 990001 -- Latest Servicing Stack Updates
  • ADV230001 -- Guidance on Microsoft Signed Drivers Being Used Maliciously

Non-security updates

2023-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5028857)

2023-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028859)

2023-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028860)

2023-07 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5028863)

2023-07 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028864)

2023-07 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5028865)

2023-07 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5028869)

2023-07 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5028870)

2023-07 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028871)

2023-07 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028872)

2023-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5028939)

2023-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5028940)

2023-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5028941)

2023-07 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5028942)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB508849)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5028850)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 (KB5028851)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5028852)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5028853)

2023-07 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5028854)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5028855)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5028856)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 22H2 and Microsoft server operating system version 21H2 for x64 (KB5028858)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5028862)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5028935)

2023-07 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5028936)

2023-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 (KB5028937)

2023-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5028938)

2023-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5028943)

2023-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5028944)

2023-07 Dynamic Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5028263)

Microsoft Office Updates

You find Office update information here.

How to download and install the July 2023 security updates

The July 2023 updates for Windows are available already. Home users may launch Windows Update on their devices to download and install the patches. Here is the way to do so:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Updates may also be downloaded manually using the links below.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 10 Version 21H2

  • KB5028166 -- 2023-07 Cumulative Update for Windows 10 Version 21H2

Windows 10 version 22H2

  • KB5028166 -- 2023-07 Cumulative Update for Windows 10 Version 21H2

Windows 11 Release version

  • KB5028182 -- 2023-07 Cumulative Update for Windows 11
Windows 11 version 22H2
  • KB5028185 -- 2023-07 Cumulative Update for Windows 11 version 22H2

Additional resources

Summary
Article Name
The Windows July 2023 security updates are here and they patch critical issues
Description
Microsoft released security updates for client and server versions of its Windows operating system today on the July 2023 Patch Day.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. rpr said on July 22, 2023 at 1:56 pm
    Reply

    In our case the installation of KB5028232 on a MS Windows Server 2012 Standard is not successful. After server restart the following is logged in the Event Log:”Package KB5028232 failed to be changed to the Installed state. Status: 0x800f0920.” Downloaded the update manually from https://catalog.update.microsoft.com and installed but got the same result.

  2. EP said on July 20, 2023 at 5:52 am
    Reply

    KB5028166 update for Win10 22H2 appears to cause a bunch of problems (network problems included). check out this article from Neowin:

    https://www.neowin.net/news/kb5028166-is-causing-system-issues-break-secure-channel-forces-synology-to-release-a-patch/

  3. Allan77 said on July 19, 2023 at 7:56 am
    Reply

    Security update for Windows 10 Enterprise 2019 LTSC v1809 went very well, no problems at all. Also each month after I update. I clean the WinSxS Folder with CMD scan. Operating system stays running smooth every time.

  4. Garu said on July 13, 2023 at 5:30 pm
    Reply

    The article was very very helpful in summarizing the CVEs and what security updates addresses the vulnerabilities. It has saved us tons of work!

  5. Craig said on July 13, 2023 at 3:57 pm
    Reply

    Installing KB5028166 has broken some desktop shortcut icons for domain users on Windows 10 22H2 , anyone else?

    1. Glynn said on July 21, 2023 at 2:42 pm
      Reply

      For anyone else running into this issue, setting this policy to Enabled resolved it for us, though why it’s only become a requirement after this security update I’m not sure.

      https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.WindowsExplorer::EnableShellShortcutIconRemotePath

    2. Glynn said on July 21, 2023 at 10:01 am
      Reply

      Yes, also seeing issues with blank icons for .URL shortcuts created through group policy when it references a .ico file on network UNC path. Seems ok if icon file is on local disk. Have observed issue on Win10 21H2 and Win10 LTSC 2019

  6. Paul(us) said on July 12, 2023 at 11:44 am
    Reply

    Thanks, Martin, for the info.
    Something strange happened with this july update yesterday Microsoft installed –
    Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5028937) So far so good.

    And today Microsoft again installed the Cumulative Update for .NET Framework 3.5, 4.8, and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5028937)

    So Cumulative Update for .NET Framework 3.5, 4.8, and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5028937) is now twice installed on my system.

    Will this give any conflicts? Is it wise to keep them on the system? And when I should uninstall one of the two versions which one should I uninstall? The one from Yesterday or today?
    I have now installed Windows 10 pro. Version 22H2 (OS build 19045.3208)

    1. VioletMoon said on July 13, 2023 at 1:06 am
      Reply

      “Will this give any conflicts? Is it wise to keep them on the system?”

      Which command or tool are you using that indicates you actually have “two” separate installations of NET Framework? Like, one isn’t a SP2?

      Here’s one guide:

      https://www.howtogeek.com/731913/how-to-check-the-.net-framework-version-on-windows-10/

      WAU Manager would show all the installations and provide a checkbox to uninstall one of the two.

      As well, the following tool should work fine:

      https://github.com/jmalarcon/DotNetVersions/releases/tag/v1.1.1

      Net 6 and Net 7 are the updates for Windows 11–maybe Windows 10. I’m not on the other computer.

      I’m not Martin, but if I showed “two” actual installations, I would uninstall both and start over, making sure auto updates is turned off and by manually downloading the installation file.

      1. Paul(us) said on July 13, 2023 at 2:28 pm
        Reply

        Thanks, VioletMoon. I also thought that uninstalling both is the best way.
        Thanks for confirming this.

  7. M$ said on July 12, 2023 at 10:14 am
    Reply

    @Martin

    Thanks for this update info

    One fault:
    the update for Windows 11 22H2 is KB5028185 and not KB5028166 (mentioned several times above)
    KB5028166 is for Windows 10 21H2 and 22H2

    1. Martin Brinkmann said on July 12, 2023 at 11:27 am
      Reply

      Thank you, I have corrected the error.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.